How can I securely store and access PowerShell credentials in n8n Code nodes?

Below is an overview of your options regarding storing and accessing custom authentication details for your PowerShell scripts running in Code nodes.

---

1. Creating Generic Credentials in n8n

n8n’s credentials manager is built to securely store authentication details and works very well with supported nodes (like HTTP Request). To create generic credentials, you would normally:

• Open a node (e.g. HTTP Request) that supports credentials.
• In the Authentication section, choose one of the generic types (e.g. Basic Auth, Header Auth, or even Custom Auth).
• Fill in the fields (username, password, API key, etc.) in the credentials modal.

If you’re developing a custom node, you can define a credentials file that outlines the required properties. For example, a credentials file might look like this:

JSCopied
import {
	IAuthenticateGeneric,
	ICredentialTestRequest,
	ICredentialType,
	INodeProperties,
} from 'n8n-workflow';

export class ExampleNode implements ICredentialType {
	name = 'exampleNodeApi';
	displayName = 'Example Node API';
	documentationUrl = '';
	properties: INodeProperties[] = [
		{
			displayName: 'API Key',
			name: 'apiKey',
			type: 'string',
			default: '',
		},
	];

	authenticate: IAuthenticateGeneric = {
		type: 'generic',
		properties: {
			qs: {
				'api_key': '={{$credentials.apiKey}}'
			}
		}
	};

	test: ICredentialTestRequest = {
		request: {
			baseURL: '={{$credentials?.domain}}',
			url: '/bearer',
		},
	};
}

This structure tells n8n how to inject those credentials (for example, into a query string, header, or body) when making API calls.

---

2. Accessing Credentials in Code Nodes

The Code node (including ones running arbitrary PowerShell) is designed for custom, on-the-fly scripting. It doesn’t support direct injection of credentials from the Credential Manager. This means you cannot simply select a credential from the n8n credentials list and have it automatically available within a Code node.

Workarounds:

• Custom Node Approach:
  If you need to leverage n8n’s secure credential storage, consider developing a custom node (or a credential-only node) that supports credentials. Your custom node can then safely retrieve and use those credentials in its logic.

• Using HTTP Request Node as a Bridge:
  You might also route authentication-dependent calls through an HTTP Request node, which does support credentials, and then pass the outputs to your Code node.

• Environment Variables:
  Another option is to store sensitive information as environment variables. When n8n runs in Docker, you can securely set these up at startup. Inside your Code node, you can then access the environment variables via the process environment (e.g. in JavaScript code, using process.env). For PowerShell specifically, you can pass environment variables into your script execution.

---

Summary

• Creating a Generic Credential:
  Use n8n’s Credentials UI (or define a credentials file if developing a custom node) to store authentication details securely.

• Access in Code Nodes:
  Code nodes do not support direct credential injection. To use your stored credentials for PowerShell scripts you can:

  • Develop a custom/credential-only node, or
  • Use an HTTP Request node to handle authentication, or
  • Rely on environment variables set in your Docker configuration.

This way, you avoid hardcoding sensitive values while still leveraging n8n’s secure credential storage where possible.